NET::ERR_CERT_AUTHORITY_INVALID in EDGE for INTERNAL site


This has been written about many times, but I was not able to solve it.

This is a small company with several (about 50) devices solely with internal IPs and a web server (like ESXi web, printer, ...).

upon opening the site https://myesxiserver.domain.local
or
https://myesxiserver

I get
NET::ERR_CERT_AUTHORITY_INVALID

Currently I type thisisunsafe and go ahead.

I wanted to apply a GPO/reg key in HKEY_CURRENT_USER\Software\Policies\Microsoft\Edge\HSTSPolicyBypassList
...then add hostnames (like "myesxiserver" without "domain.local").
...then restart Edge.
...then re-apply edge://policy

but it still presents the error.

I will NOT use an internal PKI for this - this is a solution for a small enterprise, but not for a small company with only me responsible for everything.

I do not want to import the Authority (the ESXi itself) in every browser. I just want to tell the browser to ignore every certificate error from this device (only internal).
Is this not possible??

What is still necessary?

Kendrick Li On

Please note that HSTSPolicyBypassList only applies to static HSTS-preloaded entries (for example, "app", "new", "search", "play"). This policy does not prevent HSTS upgrades for servers that have dynamically requested HSTS upgrades using a Strict-Transport-Security response header.

You may check whether you have met these prerequisites.

For more information, you can refer to https://learn.microsoft.com/en-us/deployedge/microsoft-edge-policies#hstspolicybypasslist.
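
One way to check the prerequisites named in the answer above, as an added example that is not part of the original answer or of Microsoft's documentation. `STATIC_PRELOAD_SAMPLE`, `parse_hsts` and `bypass_list_applies` are hypothetical names, the sample set holds only the four entries quoted in the answer, and exact-name matching against it is an assumption.

```python
# Constructed sample: only the entries quoted in the answer. The real
# preload list ships inside the browser and is far longer.
STATIC_PRELOAD_SAMPLE = {"app", "new", "search", "play"}


def parse_hsts(value):
    """Parse a Strict-Transport-Security header value (RFC 6797).

    Returns {"max_age": int, "include_subdomains": bool}, or None when the
    header is absent, malformed, or max-age=0 (which clears the HSTS entry).
    """
    if not value:
        return None
    max_age, include_sub = None, False
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            arg = arg.strip().strip('"')
            if not (arg.isascii() and arg.isdigit()):
                return None
            max_age = int(arg)
        elif name == "includesubdomains":
            include_sub = True
    if not max_age:
        return None
    return {"max_age": max_age, "include_subdomains": include_sub}


def bypass_list_applies(hostname, response_headers):
    """Return (applies, reason) for one host and its HTTPS response headers."""
    host = hostname.strip().rstrip(".").lower()
    headers = {k.lower(): v for k, v in response_headers.items()}
    # Dynamic HSTS comes from the server itself; the policy does not stop it.
    if parse_hsts(headers.get("strict-transport-security")):
        return False, "dynamic HSTS requested by response header"
    # Assumption: the policy is matched against the exact hostname entered.
    if host in STATIC_PRELOAD_SAMPLE:
        return True, "static HSTS-preloaded entry"
    return False, "not a static HSTS-preloaded entry"


if __name__ == "__main__":
    # Constructed inputs: the asker's hostname with no HSTS header at all.
    print(bypass_list_applies("myesxiserver", {"Server": "constructed"}))
```

For a host such as `myesxiserver` the function returns `False` in both branches that can apply to it, which matches the behaviour the question describes: the policy entry changes nothing for that name.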